1

I just integrated Apache Httpd 2.4.25 with mod_security 2.9.1. And now i got this error messages:

/*
--ba380000-H--
Message: Error reading request body: Partial results are valid but processing is incomplete
Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client %s] ModSecurity: %s%s [uri "%s"]%s
Apache-Handler: jakarta-servlet
Stopwatch: 1489655290393010 8470749 (- - -)
Stopwatch2: 1489655290393010 8470749; combined=0, p1=0, p2=0, p3=0, p4=0, p5=0, sr=0, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.1 (http://www.modsecurity.org/).
Server: Apache/2.4.25 (Win64) OpenSSL/1.0.2k mod_jk/1.2.40 mod_watch/4.3P mod_security2/2.9.1
Engine-Mode: "ENABLED"
--ba380000-Z--
*/

I don't know what's problem. please help me. Thanks.

Udom
  • 329
  • 2
  • 4
  • 18

1 Answers1

0

Sounds like you are sending large request body amounts and are hitting this bug: https://github.com/SpiderLabs/ModSecurity/issues/918

Are you sending very large requests? Can you increase SecRequestBodyLimit and SecRequestBodyNoFilesLimit to sizes that will incorporate your largest request size? Though to be honest the defaults for those are quite large (128Mb) so unless you've explicitly set those values to lower or have truely tremendous request body sizes I'm not sure how you'd hit this limit...

Barry Pollard
  • 40,655
  • 7
  • 76
  • 92
  • Hi BazzaDP, Thanks for your response, I have set SecRequestBodyLimit 313107200 SecRequestBodyNoFilesLimit 33131072 – Udom Mar 17 '17 at 02:08
  • And that caused it fixed the problem? Why those values? And why different values for both? That's 300mb and 32mb respectively - which are massive values for request bodies! – Barry Pollard Mar 17 '17 at 02:52
  • BazzaDP, now I want to set this option to unlimited. how can i do that? Remove it is from the configuration? – Udom Mar 17 '17 at 03:06
  • This is not possible. There is a hard pint of 1Gb (https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#SecRequestBodyLimit ) as ModSecurity needs to scan these to identify threats. However I honestly don't understand why you would ever want to send requests that large! – Barry Pollard Mar 17 '17 at 05:12
  • I have increase SecRequestBodyLimit 1193107200, SecRequestBodyNoFilesLimit 1193107200 and SecRequestBodyInMemoryLimit 7131072. but this error still occured. – Udom Mar 17 '17 at 09:10
  • You haven't given me anything to go on here, but I really doubt you are sending such big requests. So you are probably setting the limit to much lower than this in other config. Check all the config you are loading. – Barry Pollard Mar 18 '17 at 10:01
  • Thanks @BazzaDP. I'm try to find but, it's not found the another config. You have any suggestion where i can i find? – Udom Mar 20 '17 at 02:23
  • Note. I have config this apache with mod_security, mod_jk, mod_watch and ssl certificate. – Udom Mar 20 '17 at 02:27